HijackThis

Closed
Shin - 18 Sept. 2008 at 19:15
verni29 (Security contributor) - 21 Sept. 2008 at 10:55
Hello,

I would like your help because Internet Explorer keeps opening advertisements non-stop, lots of ads (fortune-telling, music, etc.).
I ran a scan with HijackThis and here is the report:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09, on 18/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LocalCooling\localcooling.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\srksrv.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\a-squared Free\a2free.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kankan.xunlei.com/?id=55
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O1 - Hosts: 91.121.91.21 l2testauthd.lineage2.com
O1 - Hosts: 91.121.91.21 l2authd.lineage2.com
O1 - Hosts: 91.121.91.21 nprotect.lineage2.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\RunOnce: [wextract_cleanup2] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Maxime\LOCALS~1\Temp\IXP004.TMP\"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [system34] C:\WINDOWS\SoftwareProtection\Windows External Security Update.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [PLAY CAKE] C:\DOCUME~1\Maxime\APPLIC~1\BASHEL~1\Usertest.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1845b66cb87a43c4a8f422e315141088
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1845b66cb87a43c4a8f422e315141088
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - https://sourceforge.net/p/libusb-win32/wiki/Home/ - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

25 replies

Here is the Lop S&D report; sorry if I took a while to reply, I had gone to eat.


--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Maxime ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)
Firewall : Sygate Personal Firewall Pro 4.6 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 78 Go Free : 2 Go
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 70 Go Free : 3 Go

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [1] ( 18/09/2008|21:06 )

--------------------\\ Listing des dossiers dans APPLIC~1

[10/04/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/04/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[09/01/2008|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[23/04/2008|23:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/03/2008|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7(2)
[08/03/2008|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[28/05/2008|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[11/05/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[02/01/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[14/09/2008|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust
[05/09/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/03/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/03/2008|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft(2)
[02/04/2008|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/04/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[02/04/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[02/04/2008|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[04/06/2008|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[22/03/2008|18:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[12/03/2008|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[04/01/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/05/2008|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/09/2008|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[02/01/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[17/09/2008|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[13/05/2008|23:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[12/05/2008|00:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[11/05/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[18/09/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/03/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[14/06/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Thunder Network
[02/04/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[02/01/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/02/2008|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[06/02/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[02/01/2008|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[23/06/2008|00:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[07/03/2008|17:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[08/07/2008|20:21] C:\DOCUME~1\Maxime\APPLIC~1\Adobe
[20/03/2008|00:49] C:\DOCUME~1\Maxime\APPLIC~1\Apple Computer
[28/05/2008|13:52] C:\DOCUME~1\Maxime\APPLIC~1\AVSMedia
[14/09/2008|23:54] C:\DOCUME~1\Maxime\APPLIC~1\BASHELSEMETA
[22/04/2008|15:35] C:\DOCUME~1\Maxime\APPLIC~1\DAEMON Tools
[18/09/2008|21:05] C:\DOCUME~1\Maxime\APPLIC~1\DMCache
[01/04/2008|17:40] C:\DOCUME~1\Maxime\APPLIC~1\Google
[27/03/2008|07:53] C:\DOCUME~1\Maxime\APPLIC~1\Hamachi
[06/01/2008|00:48] C:\DOCUME~1\Maxime\APPLIC~1\Help
[02/04/2008|22:13] C:\DOCUME~1\Maxime\APPLIC~1\HP
[05/05/2008|18:07] C:\DOCUME~1\Maxime\APPLIC~1\HPAppData
[02/01/2008|15:16] C:\DOCUME~1\Maxime\APPLIC~1\Identities
[20/07/2008|12:54] C:\DOCUME~1\Maxime\APPLIC~1\IDM
[27/02/2008|19:10] C:\DOCUME~1\Maxime\APPLIC~1\InstallShield
[14/05/2008|18:51] C:\DOCUME~1\Maxime\APPLIC~1\LimeWire
[30/04/2008|12:42] C:\DOCUME~1\Maxime\APPLIC~1\ma-config.com
[03/01/2008|01:56] C:\DOCUME~1\Maxime\APPLIC~1\Macromedia
[12/03/2008|13:52] C:\DOCUME~1\Maxime\APPLIC~1\Malwarebytes
[29/07/2008|22:34] C:\DOCUME~1\Maxime\APPLIC~1\Microsoft
[07/07/2008|12:01] C:\DOCUME~1\Maxime\APPLIC~1\mIRC
[11/04/2008|23:36] C:\DOCUME~1\Maxime\APPLIC~1\Move Networks
[03/01/2008|15:43] C:\DOCUME~1\Maxime\APPLIC~1\Mozilla
[28/03/2008|22:10] C:\DOCUME~1\Maxime\APPLIC~1\Notepad++
[09/09/2008|15:10] C:\DOCUME~1\Maxime\APPLIC~1\PPLive
[07/08/2008|13:19] C:\DOCUME~1\Maxime\APPLIC~1\ppstream
[16/06/2008|17:51] C:\DOCUME~1\Maxime\APPLIC~1\Real
[22/04/2008|16:36] C:\DOCUME~1\Maxime\APPLIC~1\Sierra Entertainment
[18/09/2008|21:00] C:\DOCUME~1\Maxime\APPLIC~1\Skype
[18/09/2008|18:05] C:\DOCUME~1\Maxime\APPLIC~1\skypePM
[12/05/2008|00:18] C:\DOCUME~1\Maxime\APPLIC~1\Sony
[03/01/2008|22:21] C:\DOCUME~1\Maxime\APPLIC~1\Sun
[06/03/2008|13:14] C:\DOCUME~1\Maxime\APPLIC~1\SUPERAntiSpyware.com
[03/01/2008|15:44] C:\DOCUME~1\Maxime\APPLIC~1\Talkback
[03/01/2008|02:25] C:\DOCUME~1\Maxime\APPLIC~1\vlc

[07/03/2008|17:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[18/09/2008 21:00][--ah-----] C:\WINDOWS\tasks\A4DEB0A091852E54.job
[23/08/2008 17:08][--a------] C:\WINDOWS\tasks\EasyShare Registration Task.job
[18/09/2008 21:05][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[17/09/2008 21:32][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/09/2008 20:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( A4DEB0A091852E54.job )=( c:\docume~1\maxime\applic~1\bashel~1\isoroamonline.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[13/03/2008|19:08] C:\Program Files\_OTMoveIt
[16/03/2008|19:51] C:\Program Files\Activision
[29/06/2008|01:52] C:\Program Files\Activision Value
[03/07/2008|22:47] C:\Program Files\Adobe
[28/07/2008|18:09] C:\Program Files\AGEIA Technologies
[02/01/2008|15:45] C:\Program Files\Ahead
[17/03/2008|00:27] C:\Program Files\AlienGUIse
[23/04/2008|23:39] C:\Program Files\Apple Software Update
[18/09/2008|20:00] C:\Program Files\a-squared Free
[16/03/2008|18:46] C:\Program Files\ASUS
[25/04/2008|20:23] C:\Program Files\Auralog
[13/05/2008|12:06] C:\Program Files\Avanquest update
[08/03/2008|14:42] C:\Program Files\Avira
[10/08/2008|22:43] C:\Program Files\AviSynth 2.5
[11/07/2008|00:33] C:\Program Files\Axon Data
[01/03/2008|12:38] C:\Program Files\BitComet
[12/06/2008|18:20] C:\Program Files\Burning
[05/08/2008|18:41] C:\Program Files\CAPCOM
[04/07/2008|11:12] C:\Program Files\CCleaner
[22/04/2008|11:02] C:\Program Files\Clean
[09/07/2008|22:44] C:\Program Files\Counter-Strike Source
[06/03/2008|23:47] C:\Program Files\Creative
[02/01/2008|15:42] C:\Program Files\CyberLink
[23/04/2008|10:48] C:\Program Files\DAEMON Tools Lite
[11/04/2008|18:57] C:\Program Files\Dial-a-fix-v0.60.0.24
[20/05/2008|22:22] C:\Program Files\DIFX
[29/01/2008|19:15] C:\Program Files\DivX
[19/08/2008|13:41] C:\Program Files\DVD Shrink
[03/09/2008|12:08] C:\Program Files\eMule
[27/04/2008|00:03] C:\Program Files\eRightSoft
[17/09/2008|20:33] C:\Program Files\Fichiers communs
[02/06/2008|20:09] C:\Program Files\GOA
[01/03/2008|12:12] C:\Program Files\Google
[18/09/2008|18:49] C:\Program Files\Gravity
[21/03/2008|15:15] C:\Program Files\Hamachi
[02/04/2008|21:17] C:\Program Files\HP
[05/08/2008|18:41] C:\Program Files\InstallShield Installation Information
[11/08/2008|14:21] C:\Program Files\Internet Download Manager
[14/08/2008|17:07] C:\Program Files\Internet Explorer
[23/04/2008|23:48] C:\Program Files\iPod
[23/04/2008|23:48] C:\Program Files\iTunes
[05/02/2008|23:13] C:\Program Files\Java
[22/03/2008|18:01] C:\Program Files\Kodak
[29/03/2008|19:06] C:\Program Files\LibUSB-Win32-0.1.10.1
[11/08/2008|14:50] C:\Program Files\Lineage II
[03/01/2008|02:00] C:\Program Files\LocalCooling
[12/03/2008|20:43] C:\Program Files\Lopxp
[30/04/2008|12:41] C:\Program Files\ma-config.com
[18/09/2008|19:11] C:\Program Files\Malwarebytes' Anti-Malware
[14/08/2008|17:08] C:\Program Files\Messenger
[12/09/2008|15:50] C:\Program Files\Messenger Plus! Live
[02/01/2008|15:08] C:\Program Files\microsoft frontpage
[13/08/2008|18:27] C:\Program Files\Microsoft Games
[05/04/2008|15:42] C:\Program Files\Microsoft Office
[17/08/2008|20:49] C:\Program Files\Microsoft Silverlight
[02/01/2008|15:26] C:\Program Files\Microsoft Visual Studio
[11/06/2008|01:02] C:\Program Files\Microsoft Works
[21/03/2008|22:33] C:\Program Files\Microsoft Xbox 360 Accessories
[02/01/2008|15:03] C:\Program Files\Movie Maker
[18/09/2008|21:03] C:\Program Files\Mozilla Firefox
[02/01/2008|15:00] C:\Program Files\MSN
[02/01/2008|15:01] C:\Program Files\MSN Gaming Zone
[12/09/2008|15:50] C:\Program Files\MSN Messenger
[18/04/2008|19:56] C:\Program Files\MSNTweaker
[02/01/2008|15:03] C:\Program Files\NetMeeting
[13/07/2008|12:01] C:\Program Files\Notepad++
[02/01/2008|15:01] C:\Program Files\Online Services
[11/04/2008|19:05] C:\Program Files\Outlook Express
[04/01/2008|14:44] C:\Program Files\PC Inspector File Recovery
[18/07/2008|00:25] C:\Program Files\Perfect World France
[09/09/2008|15:11] C:\Program Files\PPLive
[07/08/2008|13:17] C:\Program Files\PPS
[20/08/2008|21:20] C:\Program Files\PPStream
[12/03/2008|13:50] C:\Program Files\QooBox
[21/04/2008|12:14] C:\Program Files\Qtracker
[23/04/2008|23:47] C:\Program Files\QuickTime
[12/01/2008|15:31] C:\Program Files\RALINK
[16/06/2008|17:50] C:\Program Files\RealPlayer
[16/03/2008|18:52] C:\Program Files\Realtek
[03/07/2008|23:06] C:\Program Files\Reganam
[11/07/2008|00:44] C:\Program Files\Sarkophage
[02/01/2008|15:04] C:\Program Files\Services en ligne
[17/09/2008|20:33] C:\Program Files\Skype
[02/01/2008|15:48] C:\Program Files\SLD Codec Pack
[12/05/2008|00:13] C:\Program Files\Sony Ericsson
[18/09/2008|21:02] C:\Program Files\Spybot - Search & Destroy
[18/09/2008|21:01] C:\Program Files\Steam
[04/01/2008|14:30] C:\Program Files\Sygate
[25/06/2008|11:06] C:\Program Files\Sysreset
[01/09/2008|18:50] C:\Program Files\The Chronicle of Stars
[14/06/2008|19:06] C:\Program Files\Thunder Network
[06/03/2008|21:40] C:\Program Files\Trend Micro
[02/01/2008|15:16] C:\Program Files\Uninstall Information
[25/04/2008|09:33] C:\Program Files\UnZixWin
[20/08/2008|22:19] C:\Program Files\uusee
[03/01/2008|02:24] C:\Program Files\VideoLAN
[12/01/2008|19:19] C:\Program Files\virtualdub_virtualdub_1.7.6_anglais_10126
[06/02/2008|21:25] C:\Program Files\Windows Live
[06/02/2008|21:45] C:\Program Files\Windows Live Favorites
[17/09/2008|19:27] C:\Program Files\Windows Live Safety Center
[03/04/2008|15:14] C:\Program Files\Windows Live Toolbar
[19/03/2008|18:21] C:\Program Files\Windows Media Connect 2
[25/04/2008|20:24] C:\Program Files\Windows Media Player
[02/01/2008|15:01] C:\Program Files\Windows NT
[02/01/2008|15:04] C:\Program Files\WindowsUpdate
[02/01/2008|15:43] C:\Program Files\WinRAR
[02/01/2008|15:08] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[10/04/2008|09:55] C:\Program Files\Fichiers communs\Adobe
[10/04/2008|09:53] C:\Program Files\Fichiers communs\Adobe Systems Shared
[02/01/2008|15:45] C:\Program Files\Fichiers communs\Ahead
[20/03/2008|00:43] C:\Program Files\Fichiers communs\Apple
[23/06/2008|23:13] C:\Program Files\Fichiers communs\AVSMedia
[02/01/2008|15:26] C:\Program Files\Fichiers communs\DESIGNER
[02/04/2008|21:14] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/04/2008|21:15] C:\Program Files\Fichiers communs\HP
[04/06/2008|15:06] C:\Program Files\Fichiers communs\InstallShield
[03/01/2008|22:14] C:\Program Files\Fichiers communs\Java
[22/03/2008|18:00] C:\Program Files\Fichiers communs\Kodak
[08/08/2008|01:03] C:\Program Files\Fichiers communs\Microsoft Shared
[02/01/2008|15:03] C:\Program Files\Fichiers communs\MSSoap
[02/01/2008|15:55] C:\Program Files\Fichiers communs\ODBC
[16/06/2008|17:49] C:\Program Files\Fichiers communs\Real
[02/01/2008|15:03] C:\Program Files\Fichiers communs\Services
[17/09/2008|20:33] C:\Program Files\Fichiers communs\Skype
[02/01/2008|15:55] C:\Program Files\Fichiers communs\SpeechEngines
[17/03/2008|00:24] C:\Program Files\Fichiers communs\Stardock
[03/01/2008|01:33] C:\Program Files\Fichiers communs\Synacast
[11/04/2008|19:05] C:\Program Files\Fichiers communs\System
[14/06/2008|19:06] C:\Program Files\Fichiers communs\Thunder Network
[20/08/2008|22:19] C:\Program Files\Fichiers communs\uusee
[03/01/2008|16:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/07/2008|18:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16/06/2008|17:50] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 54 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust\Rect four.exe
C:\DOCUME~1\Maxime\APPLIC~1\bashel~1
C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\coal copy size mfcd.exe
C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\ewivbkxq.exe
C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\iso roam online.exe
C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\Usertest.exe
C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\wzpavmun.exe
C:\DOCUME~1\Maxime\Cookies\maxime@www.adserver5[1].txt
C:\WINDOWS\Tasks\A4DEB0A091852E54.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PLAY CAKE"="C:\\DOCUME~1\\Maxime\\APPLIC~1\\BASHEL~1\\Usertest.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-18 21:06:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1161

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_01.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_02.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_03.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_04.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_05.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_06.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_07.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_08.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_09.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_10.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_11.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_12.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_13.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_14.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_15.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_16.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_17.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_18.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_19.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_20_Final.m3u


[F:34][D:8]-> C:\DOCUME~1\Maxime\LOCALS~1\Temp
[F:19][D:0]-> C:\DOCUME~1\Maxime\Cookies
[F:112][D:5]-> C:\DOCUME~1\Maxime\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:09 - Option : [1]

--------------------\\ Fin du rapport a 21:09:04
Here is the Lop S&D report:


--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Maxime ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)
Firewall : Sygate Personal Firewall Pro 4.6 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 78 Go Free : 2 Go
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 70 Go Free : 3 Go

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [3] ( 18/09/2008|21:17 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust\Rect four.exe
Supprime! - C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\coal copy size mfcd.exe
Supprime! - C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\ewivbkxq.exe
Supprime! - C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\iso roam online.exe
Supprime! - C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\Usertest.exe
Supprime! - C:\DOCUME~1\Maxime\APPLIC~1\bashel~1\wzpavmun.exe
Supprime! - C:\DOCUME~1\Maxime\Cookies\maxime@www.adserver5[1].txt
Supprime! - C:\WINDOWS\Tasks\A4DEB0A091852E54.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Defy Memo Find Trust
Supprime! - C:\DOCUME~1\Maxime\APPLIC~1\bashel~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[10/04/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/04/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[09/01/2008|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[23/04/2008|23:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/03/2008|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7(2)
[08/03/2008|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[28/05/2008|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[11/05/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[02/01/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[05/09/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/03/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/03/2008|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft(2)
[02/04/2008|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/04/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[02/04/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[02/04/2008|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[04/06/2008|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[22/03/2008|18:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[12/03/2008|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[04/01/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/05/2008|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/09/2008|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[02/01/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[17/09/2008|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[13/05/2008|23:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[12/05/2008|00:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[11/05/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[18/09/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/03/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[14/06/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Thunder Network
[02/04/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[02/01/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/02/2008|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[06/02/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[02/01/2008|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[23/06/2008|00:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[07/03/2008|17:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[08/07/2008|20:21] C:\DOCUME~1\Maxime\APPLIC~1\Adobe
[20/03/2008|00:49] C:\DOCUME~1\Maxime\APPLIC~1\Apple Computer
[28/05/2008|13:52] C:\DOCUME~1\Maxime\APPLIC~1\AVSMedia
[22/04/2008|15:35] C:\DOCUME~1\Maxime\APPLIC~1\DAEMON Tools
[18/09/2008|21:05] C:\DOCUME~1\Maxime\APPLIC~1\DMCache
[01/04/2008|17:40] C:\DOCUME~1\Maxime\APPLIC~1\Google
[27/03/2008|07:53] C:\DOCUME~1\Maxime\APPLIC~1\Hamachi
[06/01/2008|00:48] C:\DOCUME~1\Maxime\APPLIC~1\Help
[02/04/2008|22:13] C:\DOCUME~1\Maxime\APPLIC~1\HP
[05/05/2008|18:07] C:\DOCUME~1\Maxime\APPLIC~1\HPAppData
[02/01/2008|15:16] C:\DOCUME~1\Maxime\APPLIC~1\Identities
[20/07/2008|12:54] C:\DOCUME~1\Maxime\APPLIC~1\IDM
[27/02/2008|19:10] C:\DOCUME~1\Maxime\APPLIC~1\InstallShield
[14/05/2008|18:51] C:\DOCUME~1\Maxime\APPLIC~1\LimeWire
[30/04/2008|12:42] C:\DOCUME~1\Maxime\APPLIC~1\ma-config.com
[03/01/2008|01:56] C:\DOCUME~1\Maxime\APPLIC~1\Macromedia
[12/03/2008|13:52] C:\DOCUME~1\Maxime\APPLIC~1\Malwarebytes
[29/07/2008|22:34] C:\DOCUME~1\Maxime\APPLIC~1\Microsoft
[07/07/2008|12:01] C:\DOCUME~1\Maxime\APPLIC~1\mIRC
[11/04/2008|23:36] C:\DOCUME~1\Maxime\APPLIC~1\Move Networks
[03/01/2008|15:43] C:\DOCUME~1\Maxime\APPLIC~1\Mozilla
[28/03/2008|22:10] C:\DOCUME~1\Maxime\APPLIC~1\Notepad++
[09/09/2008|15:10] C:\DOCUME~1\Maxime\APPLIC~1\PPLive
[07/08/2008|13:19] C:\DOCUME~1\Maxime\APPLIC~1\ppstream
[16/06/2008|17:51] C:\DOCUME~1\Maxime\APPLIC~1\Real
[22/04/2008|16:36] C:\DOCUME~1\Maxime\APPLIC~1\Sierra Entertainment
[18/09/2008|21:00] C:\DOCUME~1\Maxime\APPLIC~1\Skype
[18/09/2008|18:05] C:\DOCUME~1\Maxime\APPLIC~1\skypePM
[12/05/2008|00:18] C:\DOCUME~1\Maxime\APPLIC~1\Sony
[03/01/2008|22:21] C:\DOCUME~1\Maxime\APPLIC~1\Sun
[06/03/2008|13:14] C:\DOCUME~1\Maxime\APPLIC~1\SUPERAntiSpyware.com
[03/01/2008|15:44] C:\DOCUME~1\Maxime\APPLIC~1\Talkback
[03/01/2008|02:25] C:\DOCUME~1\Maxime\APPLIC~1\vlc

[07/03/2008|17:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[23/08/2008 17:08][--a------] C:\WINDOWS\tasks\EasyShare Registration Task.job
[18/09/2008 21:05][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[17/09/2008 21:32][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/09/2008 20:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[13/03/2008|19:08] C:\Program Files\_OTMoveIt
[16/03/2008|19:51] C:\Program Files\Activision
[29/06/2008|01:52] C:\Program Files\Activision Value
[03/07/2008|22:47] C:\Program Files\Adobe
[28/07/2008|18:09] C:\Program Files\AGEIA Technologies
[02/01/2008|15:45] C:\Program Files\Ahead
[17/03/2008|00:27] C:\Program Files\AlienGUIse
[23/04/2008|23:39] C:\Program Files\Apple Software Update
[18/09/2008|20:00] C:\Program Files\a-squared Free
[16/03/2008|18:46] C:\Program Files\ASUS
[25/04/2008|20:23] C:\Program Files\Auralog
[13/05/2008|12:06] C:\Program Files\Avanquest update
[08/03/2008|14:42] C:\Program Files\Avira
[10/08/2008|22:43] C:\Program Files\AviSynth 2.5
[11/07/2008|00:33] C:\Program Files\Axon Data
[01/03/2008|12:38] C:\Program Files\BitComet
[12/06/2008|18:20] C:\Program Files\Burning
[05/08/2008|18:41] C:\Program Files\CAPCOM
[04/07/2008|11:12] C:\Program Files\CCleaner
[22/04/2008|11:02] C:\Program Files\Clean
[09/07/2008|22:44] C:\Program Files\Counter-Strike Source
[06/03/2008|23:47] C:\Program Files\Creative
[02/01/2008|15:42] C:\Program Files\CyberLink
[23/04/2008|10:48] C:\Program Files\DAEMON Tools Lite
[11/04/2008|18:57] C:\Program Files\Dial-a-fix-v0.60.0.24
[20/05/2008|22:22] C:\Program Files\DIFX
[29/01/2008|19:15] C:\Program Files\DivX
[19/08/2008|13:41] C:\Program Files\DVD Shrink
[03/09/2008|12:08] C:\Program Files\eMule
[27/04/2008|00:03] C:\Program Files\eRightSoft
[17/09/2008|20:33] C:\Program Files\Fichiers communs
[02/06/2008|20:09] C:\Program Files\GOA
[01/03/2008|12:12] C:\Program Files\Google
[18/09/2008|18:49] C:\Program Files\Gravity
[21/03/2008|15:15] C:\Program Files\Hamachi
[02/04/2008|21:17] C:\Program Files\HP
[05/08/2008|18:41] C:\Program Files\InstallShield Installation Information
[11/08/2008|14:21] C:\Program Files\Internet Download Manager
[14/08/2008|17:07] C:\Program Files\Internet Explorer
[23/04/2008|23:48] C:\Program Files\iPod
[23/04/2008|23:48] C:\Program Files\iTunes
[05/02/2008|23:13] C:\Program Files\Java
[22/03/2008|18:01] C:\Program Files\Kodak
[29/03/2008|19:06] C:\Program Files\LibUSB-Win32-0.1.10.1
[11/08/2008|14:50] C:\Program Files\Lineage II
[03/01/2008|02:00] C:\Program Files\LocalCooling
[12/03/2008|20:43] C:\Program Files\Lopxp
[30/04/2008|12:41] C:\Program Files\ma-config.com
[18/09/2008|19:11] C:\Program Files\Malwarebytes' Anti-Malware
[14/08/2008|17:08] C:\Program Files\Messenger
[12/09/2008|15:50] C:\Program Files\Messenger Plus! Live
[02/01/2008|15:08] C:\Program Files\microsoft frontpage
[13/08/2008|18:27] C:\Program Files\Microsoft Games
[05/04/2008|15:42] C:\Program Files\Microsoft Office
[17/08/2008|20:49] C:\Program Files\Microsoft Silverlight
[02/01/2008|15:26] C:\Program Files\Microsoft Visual Studio
[11/06/2008|01:02] C:\Program Files\Microsoft Works
[21/03/2008|22:33] C:\Program Files\Microsoft Xbox 360 Accessories
[02/01/2008|15:03] C:\Program Files\Movie Maker
[18/09/2008|21:03] C:\Program Files\Mozilla Firefox
[02/01/2008|15:00] C:\Program Files\MSN
[02/01/2008|15:01] C:\Program Files\MSN Gaming Zone
[12/09/2008|15:50] C:\Program Files\MSN Messenger
[18/04/2008|19:56] C:\Program Files\MSNTweaker
[02/01/2008|15:03] C:\Program Files\NetMeeting
[13/07/2008|12:01] C:\Program Files\Notepad++
[02/01/2008|15:01] C:\Program Files\Online Services
[11/04/2008|19:05] C:\Program Files\Outlook Express
[04/01/2008|14:44] C:\Program Files\PC Inspector File Recovery
[18/07/2008|00:25] C:\Program Files\Perfect World France
[09/09/2008|15:11] C:\Program Files\PPLive
[07/08/2008|13:17] C:\Program Files\PPS
[20/08/2008|21:20] C:\Program Files\PPStream
[12/03/2008|13:50] C:\Program Files\QooBox
[21/04/2008|12:14] C:\Program Files\Qtracker
[23/04/2008|23:47] C:\Program Files\QuickTime
[12/01/2008|15:31] C:\Program Files\RALINK
[16/06/2008|17:50] C:\Program Files\RealPlayer
[16/03/2008|18:52] C:\Program Files\Realtek
[03/07/2008|23:06] C:\Program Files\Reganam
[11/07/2008|00:44] C:\Program Files\Sarkophage
[02/01/2008|15:04] C:\Program Files\Services en ligne
[17/09/2008|20:33] C:\Program Files\Skype
[02/01/2008|15:48] C:\Program Files\SLD Codec Pack
[12/05/2008|00:13] C:\Program Files\Sony Ericsson
[18/09/2008|21:02] C:\Program Files\Spybot - Search & Destroy
[18/09/2008|21:01] C:\Program Files\Steam
[04/01/2008|14:30] C:\Program Files\Sygate
[25/06/2008|11:06] C:\Program Files\Sysreset
[01/09/2008|18:50] C:\Program Files\The Chronicle of Stars
[14/06/2008|19:06] C:\Program Files\Thunder Network
[06/03/2008|21:40] C:\Program Files\Trend Micro
[02/01/2008|15:16] C:\Program Files\Uninstall Information
[25/04/2008|09:33] C:\Program Files\UnZixWin
[20/08/2008|22:19] C:\Program Files\uusee
[03/01/2008|02:24] C:\Program Files\VideoLAN
[12/01/2008|19:19] C:\Program Files\virtualdub_virtualdub_1.7.6_anglais_10126
[06/02/2008|21:25] C:\Program Files\Windows Live
[06/02/2008|21:45] C:\Program Files\Windows Live Favorites
[17/09/2008|19:27] C:\Program Files\Windows Live Safety Center
[03/04/2008|15:14] C:\Program Files\Windows Live Toolbar
[19/03/2008|18:21] C:\Program Files\Windows Media Connect 2
[25/04/2008|20:24] C:\Program Files\Windows Media Player
[02/01/2008|15:01] C:\Program Files\Windows NT
[02/01/2008|15:04] C:\Program Files\WindowsUpdate
[02/01/2008|15:43] C:\Program Files\WinRAR
[02/01/2008|15:08] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[10/04/2008|09:55] C:\Program Files\Fichiers communs\Adobe
[10/04/2008|09:53] C:\Program Files\Fichiers communs\Adobe Systems Shared
[02/01/2008|15:45] C:\Program Files\Fichiers communs\Ahead
[20/03/2008|00:43] C:\Program Files\Fichiers communs\Apple
[23/06/2008|23:13] C:\Program Files\Fichiers communs\AVSMedia
[02/01/2008|15:26] C:\Program Files\Fichiers communs\DESIGNER
[02/04/2008|21:14] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/04/2008|21:15] C:\Program Files\Fichiers communs\HP
[04/06/2008|15:06] C:\Program Files\Fichiers communs\InstallShield
[03/01/2008|22:14] C:\Program Files\Fichiers communs\Java
[22/03/2008|18:00] C:\Program Files\Fichiers communs\Kodak
[08/08/2008|01:03] C:\Program Files\Fichiers communs\Microsoft Shared
[02/01/2008|15:03] C:\Program Files\Fichiers communs\MSSoap
[02/01/2008|15:55] C:\Program Files\Fichiers communs\ODBC
[16/06/2008|17:49] C:\Program Files\Fichiers communs\Real
[02/01/2008|15:03] C:\Program Files\Fichiers communs\Services
[17/09/2008|20:33] C:\Program Files\Fichiers communs\Skype
[02/01/2008|15:55] C:\Program Files\Fichiers communs\SpeechEngines
[17/03/2008|00:24] C:\Program Files\Fichiers communs\Stardock
[03/01/2008|01:33] C:\Program Files\Fichiers communs\Synacast
[11/04/2008|19:05] C:\Program Files\Fichiers communs\System
[14/06/2008|19:06] C:\Program Files\Fichiers communs\Thunder Network
[20/08/2008|22:19] C:\Program Files\Fichiers communs\uusee
[03/01/2008|16:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/07/2008|18:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16/06/2008|17:50] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 54 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-18 21:18:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1161

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_01.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_02.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_03.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_04.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_05.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_06.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_07.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_08.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_09.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_10.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_11.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_12.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_13.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_14.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_15.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_16.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_17.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_18.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_19.m3u
C:\DOCUME~1\Maxime\Bureau\Papa\The_Gentle_Crackdown_II_-_Episode_20_Final.m3u


[F:34][D:8]-> C:\DOCUME~1\Maxime\LOCALS~1\Temp
[F:19][D:0]-> C:\DOCUME~1\Maxime\Cookies
[F:117][D:5]-> C:\DOCUME~1\Maxime\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:09 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 18/09/2008|21:20 - Option : [3]

--------------------\\ Fin du rapport a 21:20:14


Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27, on 18/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LocalCooling\localcooling.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\srksrv.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kankan.xunlei.com/?id=55
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O1 - Hosts: 91.121.91.21 l2testauthd.lineage2.com
O1 - Hosts: 91.121.91.21 l2authd.lineage2.com
O1 - Hosts: 91.121.91.21 nprotect.lineage2.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [system34] C:\WINDOWS\SoftwareProtection\Windows External Security Update.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1845b66cb87a43c4a8f422e315141088
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1845b66cb87a43c4a8f422e315141088
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - https://sourceforge.net/p/libusb-win32/wiki/Home/ - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
Okay, thank you. I'll do it tomorrow evening around 17:00-18:00 because I don't really have time right now; I'm swamped with homework. I'll post the 2 reports.

Many thanks for your help.

See you later, have a good evening.
Hello,

Here is the report obtained after the SDFix scan:



[b]SDFix: Version 1.226 [/b]
Run by Maxime on 19/09/2008 at 17:29

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:

C:\WINDOWS
:8B180F1491EDB9A7 24
Total size: 24 bytes.
WINDOWS: deleted 24 bytes in 1 streams.

Checking for remaining Streams

C:\WINDOWS
No streams found.



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-19 17:35:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:87,47,48,99,2a,43,29,5b,e2,bc,23,cf,86,71,fe,cb,57,95,66,2d,11,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,72,e6,ec,e0,0a,c8,16,51,8e,73,2a,18,72,2e,b9,32,c4,..
"khjeh"=hex:51,64,46,94,81,08,cd,1b,c9,32,03,df,8e,85,c0,ae,f6,e1,74,fb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:1a,97,35,d8,50,14,02,65,e6,c5,7b,f7,be,3f,7f,ab,99,6b,65,72,05,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:87,47,48,99,2a,43,29,5b,e2,bc,23,cf,86,71,fe,cb,57,95,66,2d,11,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,72,e6,ec,e0,0a,c8,16,51,8e,73,2a,18,72,2e,b9,32,c4,..
"khjeh"=hex:51,64,46,94,81,08,cd,1b,c9,32,03,df,8e,85,c0,ae,f6,e1,74,fb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:1a,97,35,d8,50,14,02,65,e6,c5,7b,f7,be,3f,7f,ab,99,6b,65,72,05,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\GOA\\GOA\\Gunbound\\GunBound.gme"="C:\\Program Files\\GOA\\GOA\\Gunbound\\GunBound.gme:*:Enabled:GunBound"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Qtracker\\qtracker.exe"="C:\\Program Files\\Qtracker\\qtracker.exe:*:Enabled:Qtracker"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mpHAMACHI 1.5.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mpHAMACHI 1.5.exe:*:Enabled:iw3mpHAMACHI 1.5"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Internet Download Manager\\IDMan.exe"="C:\\Program Files\\Internet Download Manager\\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Downloads\\mIRC.v6.31\\mirc.exe"="C:\\Downloads\\mIRC.v6.31\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\BluetoothPCDialer\\BluetoothPCDialer.exe"="C:\\Program Files\\BluetoothPCDialer\\BluetoothPCDialer.exe:*:Enabled:BluetoothPCDialer"
"C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe"="C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0"
"C:\\Program Files\\Stardock Games\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"="C:\\Program Files\\Stardock Games\\Sins of a Solar Empire\\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire"
"C:\\Program Files\\Sysreset\\mirc.exe"="C:\\Program Files\\Sysreset\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Activision Value\\Soldier of Fortune Payback\\sof3.exe"="C:\\Program Files\\Activision Value\\Soldier of Fortune Payback\\sof3.exe:*:Enabled:sof3"
"F:\\PES08\\Crack\\PES2008.exe"="F:\\PES08\\Crack\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"F:\\PES2008.exe"="F:\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\\Program Files\\Counter-Strike Source\\hl2.exe"="C:\\Program Files\\Counter-Strike Source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\PPStream\\PPStream.exe"="C:\\Program Files\\PPStream\\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ"
"C:\\Program Files\\PPStream\\PPSAP.exe"="C:\\Program Files\\PPStream\\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\uusee\\UUSeePlayer.exe"="C:\\Program Files\\uusee\\UUSeePlayer.exe:*:Enabled:UUPlayer"
"C:\\Program Files\\Fichiers communs\\uusee\\UUSeeMediaCenter.exe"="C:\\Program Files\\Fichiers communs\\uusee\\UUSeeMediaCenter.exe:*:Enabled:MediaCenter"
"C:\\Program Files\\Team17\\Worms Armageddon\\WA.exe"="C:\\Program Files\\Team17\\Worms Armageddon\\WA.exe:*:Disabled:Worms Armageddon"
"C:\\Program Files\\Team17\\Worms Armageddon\\Landgen.exe"="C:\\Program Files\\Team17\\Worms Armageddon\\Landgen.exe:*:Enabled:Landgen"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Steam\\steamapps\\arkham7186\\counter-strike\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\arkham7186\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\\Program Files\\Steam\\steamapps\\impo93\\counter-strike\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\impo93\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\PPLive\\PPLive.exe"="C:\\Program Files\\PPLive\\PPLive.exe:*:Enabled:PPLive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Tue 13 May 2008 24 ..SH. --- "C:\WINDOWS\SDAF42E3E.tmp"
Mon 3 Mar 2008 61,440 A..H. --- "C:\Program Files\MSN Messenger\winmm.dll"
Thu 14 Aug 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Wed 30 Jul 2008 4,891,984 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Thu 5 Aug 2004 33,792 ..SHR --- "C:\WINDOWS\system32\rundll32.exe"
Mon 17 Dec 2007 27,648 ..SH. --- "C:\WINDOWS\system32\Smab0.dll"
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
Sun 27 Apr 2008 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
Tue 2 Oct 2007 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
Fri 4 Jan 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 19 Mar 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"
Thu 20 Mar 2008 5,632 ..SHR --- "C:\Program Files\eRightSoft\SUPER\spk\1stRun.exe"

[b]Finished![/b]


And the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:52, on 19/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\srksrv.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LocalCooling\localcooling.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [system34] C:\WINDOWS\SoftwareProtection\Windows External Security Update.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1845b66cb87a43c4a8f422e315141088
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1845b66cb87a43c4a8f422e315141088
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - https://sourceforge.net/p/libusb-win32/wiki/Home/ - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

Okay, I'll run the scan. As for Reganam Toolbar, I know it, but I no longer remember when or why I installed it; it must have been some program that asked me to. If it's causing a problem, I can uninstall it.

I'll post the report when the scan finishes.

See you later.
Here is the Malwarebytes report. It still took more than 3 hours, lol, it must be because of the games.


Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1134
Windows 5.1.2600 Service Pack 2

19/09/2008 22:06:06
mbam-log-2008-09-19 (22-06-06).txt

Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 192352
Temps écoulé: 3 hour(s), 26 minute(s), 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system34 (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\SoftwareProtection\Windows External Security Update.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Downloads\Fichier Call Of Duty 4\Call of Duty 4 Multiplayer key Generator\COD4 Generator\cod4 serial database.ptn (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{10022C37-6940-4192-90B6-576A5BEAA79D}\RP234\A0036898.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{10022C37-6940-4192-90B6-576A5BEAA79D}\RP236\A0037749.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareProtection\cod4 serial database.ptn (Trojan.Agent) -> Quarantined and deleted successfully.
Here is the HijackThis report. Well, there's no problem anymore now. Thank you for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02, on 19/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LocalCooling\localcooling.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\srksrv.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Steam\steam.exe
c:\program files\steam\steamapps\impo93\counter-strike\hl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1845b66cb87a43c4a8f422e315141088
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1845b66cb87a43c4a8f422e315141088
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - https://sourceforge.net/p/libusb-win32/wiki/Home/ - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
0
File size: 453120 bytes
MD5...: 009745030558db6cce3c4be2aa752b22
SHA1..: 2297ea21b5646dc0b2c72ecac532d20f24c7b82d
SHA256: bf9a75c38668b8e26cfb2750fe74191ac9053c8f01d78a57efaab12ca1cbd9bd
SHA512: e4867f5723574139c40d78e5ce3dcd59d43cc6057af6662ba368d5b85d004f7f
b858305a0c7a20547552a281b002ec92b01c2da93d584c9c43b99cad9158f561
PEiD..: -
TrID..: File type identification
Win32 Executable Borland Delphi 7 (69.1%)
Win32 Executable Borland Delphi 6 (27.0%)
Win32 Executable Delphi generic (1.5%)
Win32 Executable Generic (0.8%)
Win32 Dynamic Link Library (generic) (0.7%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x45df74
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x5cfe0 0x5d000 6.55 c3ce2d5bb4a01b04603a94e3feece41f
DATA 0x5e000 0x2b58 0x2c00 2.37 0b54412cffa04bbd38bb81f1f21da3a6
BSS 0x61000 0x125d 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x63000 0x2532 0x2600 4.91 e232888a7cf4e986a33edc2f393ca64d
.tls 0x66000 0x10 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x67000 0x18 0x200 0.20 85d55f92dd07023abcb3c2f3d0dbc613
.reloc 0x68000 0x6874 0x6a00 6.65 72b529caaf01584b546aef364445adb8
.rsrc 0x6f000 0x5800 0x5800 4.19 924b7e63757e2a66579754441d2df9ff

( 13 imports )

( 0 exports )
0
Fichier SRKSRV.exe reçu le 2008.09.18 04:25:36 (CET)
Situation actuelle: terminé
Résultat: 0/36 (0.00%)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.13.0 2008.09.17 -
AntiVir 7.8.1.28 2008.09.17 -
Authentium 5.1.0.4 2008.09.18 -
Avast 4.8.1195.0 2008.09.17 -
AVG 8.0.0.161 2008.09.17 -
BitDefender 7.2 2008.09.18 -
CAT-QuickHeal 9.50 2008.09.17 -
ClamAV 0.93.1 2008.09.18 -
DrWeb 4.44.0.09170 2008.09.18 -
eSafe 7.0.17.0 2008.09.17 -
eTrust-Vet 31.6.6091 2008.09.16 -
Ewido 4.0 2008.09.17 -
F-Prot 4.4.4.56 2008.09.18 -
F-Secure 8.0.14332.0 2008.09.18 -
Fortinet 3.113.0.0 2008.09.17 -
GData 19 2008.09.18 -
Ikarus T3.1.1.34.0 2008.09.18 -
K7AntiVirus 7.10.460 2008.09.17 -
Kaspersky 7.0.0.125 2008.09.18 -
McAfee 5386 2008.09.17 -
Microsoft 1.3903 2008.09.18 -
NOD32v2 3449 2008.09.17 -
Norman 5.80.02 2008.09.17 -
Panda 9.0.0.4 2008.09.18 -
PCTools 4.4.2.0 2008.09.17 -
Prevx1 V2 2008.09.18 -
Rising 20.62.22.00 2008.09.17 -
Sophos 4.33.0 2008.09.18 -
Sunbelt 3.1.1645.1 2008.09.17 -
Symantec 10 2008.09.18 -
TheHacker 6.3.0.9.086 2008.09.18 -
TrendMicro 8.700.0.1004 2008.09.17 -
VBA32 3.12.8.5 2008.09.17 -
ViRobot 2008.9.17.1379 2008.09.17 -
VirusBuster 4.5.11.0 2008.09.17 -
Webwasher-Gateway 6.6.2 2008.09.18 -
0
Hello,

I click on Accept but nothing happens... No matter how much I click, nothing happens.

See you
0
Hello,

This is getting on my nerves: I ran the Kaspersky scan and when it finished, the buttons to save the report etc. were not there...
The whole top part has disappeared. And it annoys me to redo it, given that I have more than 300,000 files, games etc., so it takes time to scan... <.<

Right now I am rerunning the Kaspersky scan, hoping it does not bug out...

See you.
0
Hello,

It does the same thing again, here is a screenshot:

[URL=https://imageshack.com/][IMG]http://img129.imageshack.us/img129/641/kasperskyby6.png[/IMG][/URL]
0
aXXeL69 Posts 187 Registration date Wednesday 3 September 2008 Status Member Last active 24 June 2010 17
18 Sept. 2008 at 19:19
It's a more than normal scan, why do you want someone to study it?
-1
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last active 26 December 2016 180
18 Sept. 2008 at 19:21
Wrong, there is a lop infection.

Download LopS&D.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Install the software.
An icon will appear on the desktop. Double-click it to launch the software.
Choose the language and option 1 to run the search.
At the end of the search, a report LopR.txt appears. It is located at C:\LopR.txt.
Post this report in your next message.

See you
-1
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last active 26 December 2016 180
18 Sept. 2008 at 21:14
Be careful with cracks, they are the best way to catch viruses.

For information, you get these ads precisely through advertising banners on web pages or by installing certain software such as:
* BitDownload
* BitGrabber
* BitRoll
* MessengerPlus! 3 under the name of sponsors
* Messenger Plus! Live under the name of sponsors
* NetPumper
* TorrentQ
* Torrent101


1) Relaunch the LopS&D software.
Choose option 3 to remove the infection.

At the end of the cleanup, a report LopR.txt appears. It is located at C:\LopR.txt. Post this report in your next message.

Uninstall LopS&D via the Control Panel and Add/Remove Programs.
Then restart the computer.

2) Also post a new HijackThis report.

See you
-1
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last active 26 December 2016 180
18 Sept. 2008 at 21:38
1) Launch HijackThis and choose "Do a system scan only".
Select the following lines:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kankan.xunlei.com/?id=55
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O1 - Hosts: 91.121.91.21 l2testauthd.lineage2.com
O1 - Hosts: 91.121.91.21 l2authd.lineage2.com
O1 - Hosts: 91.121.91.21 nprotect.lineage2.com
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

Choose the "Fix checked" option at the bottom of the page.

2) You are going to use SDFix, downloadable at:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Install the software.
You can use the following tutorial for help:
https://www.malekal.com/slenfbot-still-an-other-irc-bot/

You need to restart in safe mode.
To do this, restart your computer and press the F8 key.

Instead of the normal Windows loading, a menu with different options should appear.
Choose the first option, to run Windows in safe mode, then press "Enter".
Choose your account.

Launch SDFix by double-clicking RunThis.bat in the folder where you installed the software.

Your computer will restart. You may be asked to press a key to restart.
The tool will keep working, this is normal.
Once Finished is displayed, press a key to finish running the software.
Your desktop should reappear.

Open the SDFix folder on your Desktop.
Copy/paste the contents of the Report.txt file into your next reply on the forum.

Along with a new HijackThis log!

See you
-1
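The selection step in the post above comes down to reading each HijackThis line by its section code and its marker text. As an added example (not part of the original thread and not HijackThis's own code), this Python parser reads lines copied from this thread and flags orphaned entries, hosts redirections and 'Unknown owner' services; the function names and the flagging rules are assumptions made for illustration.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code kind body flags")

# Section codes that appear in this thread and what HijackThis lists under them.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "R3": "URLSearchHook", "O1": "hosts file redirection",
    "O2": "Browser Helper Object", "O4": "autostart entry",
    "O8": "IE context menu item", "O9": "IE extra button/menu item",
    "O16": "ActiveX control (DPF)", "O18": "protocol handler",
    "O23": "Windows service",
}

LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
HOSTS_RE = re.compile(r"^Hosts: (?P<ip>\S+)\s+(?P<name>\S+)$")
LOOPBACK = {"127.0.0.1", "::1"}

# Lines copied from the logs in this thread (not constructed).
SAMPLE_LOG = r"""
O1 - Hosts: 91.121.91.21 l2authd.lineage2.com
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
"""


def parse_line(line):
    """Parse one log line into an Entry, or return None if it is not an entry."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    code, body = m.group("code"), m.group("body")
    flags = []
    # The registry entry survives but the file it points to is gone.
    if body.endswith("(no file)") or body.endswith("(file missing)"):
        flags.append("orphaned: target file absent")
    # A hosts entry that maps a name to a non-loopback address.
    if code == "O1":
        h = HOSTS_RE.match(body)
        if h and h.group("ip") not in LOOPBACK:
            flags.append("hosts redirect: %s -> %s" % (h.group("name"), h.group("ip")))
    # HijackThis printed 'Unknown owner' in the vendor field of the service.
    if code == "O23" and " - Unknown owner - " in body:
        flags.append("service listed with 'Unknown owner': verify the binary")
    return Entry(code, SECTIONS.get(code, "unknown section"), body, flags)


def triage(log_text):
    """Return only the entries that carry at least one flag, in log order."""
    entries = (parse_line(line) for line in log_text.splitlines())
    return [e for e in entries if e and e.flags]


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        print("%-3s %-28s %s" % (entry.code, entry.kind, "; ".join(entry.flags)))
```

A flag is a prompt to verify the file, not a verdict: the multi-engine scan of SRKSRV.exe posted earlier in this thread returned 0/36.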
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last active 26 December 2016 180
18 Sept. 2008 at 21:54
OK, work hard.

See you
-1
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last active 26 December 2016 180
19 Sept. 2008 at 18:05
1) Does this toolbar ring a bell: Reganam Toolbar?

2) For this procedure, I advise you to write down or print this text, because the disinfection will be done in safe mode and you will not have Internet access to view the instructions.
Another tip: copy/paste the text into a .txt file that you save on your desktop. You will then find it on your desktop, in safe mode too.

Download MalwareBytes.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Install it. Choose the default options.
At the end of the installation, you will be asked to update MalwareBytes and to run it.
Choose only the update. The software will be launched in safe mode.

Restart the computer in safe mode (tap the F8 key after restarting).
Choose your user account.

To launch MalwareBytes, double-click the desktop shortcut.

In the Search tab, select Run a full scan.
Click Search. Select only the computer's hard drives.
Click Start scan.

At the end of the search, as requested, click Show the search results.
Then choose Remove selection to clean the infections.
Post the report in your next message.

If you cannot find it, open MalwareBytes and look in the Reports/Logs tab. It is there.
Click on it and choose Open.

The scan takes 50 min on average.

See you
-1
dark-adidas Posts 73 Registration date Thursday 18 September 2008 Status Member Last active 21 December 2008 3
19 Sept. 2008 at 18:08
Hello, I'll leave it to you,
but I'll just say: get Mozilla Firefox, not Internet Explorer
-1
verni29 Posts 6699 Registration date Sunday 6 July 2008 Status Security contributor Last active 26 December 2016 180
19 Sept. 2008 at 22:19
Post me a new HijackThis report.

As for the ad pages, the infection has been cleaned with S&D.
Do you see anything else that is not working on your PC?

See you
-1